#include "../auth/ntlmssp/ntlmssp.h"
#include "../lib/util/tevent_ntstatus.h"
#include "async_smb.h"
-#include "smb_crypt.h"
+#include "../libcli/smb/smb_seal.h"
#include "trans2.h"
#include "ntlmssp_wrap.h"
+#include "auth/gensec/gensec.h"
+#include "../libcli/smb/smbXcli_base.h"
/****************************************************************************
Get UNIX extensions version info.
DATA_BLOB blob_out = data_blob_null;
DATA_BLOB param_out = data_blob_null;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ struct auth_generic_state *auth_ntlmssp_state;
struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_NTLM);
if (!es) {
return NT_STATUS_NO_MEMORY;
}
- status = auth_ntlmssp_client_start(NULL,
- lp_netbios_name(),
- lp_workgroup(),
- lp_client_ntlmv2_auth(),
- &es->s.auth_ntlmssp_state);
+ status = auth_ntlmssp_client_prepare(NULL,
+ &auth_ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
- auth_ntlmssp_want_feature(es->s.auth_ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY);
- auth_ntlmssp_want_feature(es->s.auth_ntlmssp_state, NTLMSSP_FEATURE_SEAL);
+ gensec_want_feature(auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SESSION_KEY);
+ gensec_want_feature(auth_ntlmssp_state->gensec_security, GENSEC_FEATURE_SEAL);
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_username(es->s.auth_ntlmssp_state, user))) {
+ if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_username(auth_ntlmssp_state, user))) {
goto fail;
}
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_domain(es->s.auth_ntlmssp_state, domain))) {
+ if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_domain(auth_ntlmssp_state, domain))) {
goto fail;
}
- if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_password(es->s.auth_ntlmssp_state, pass))) {
+ if (!NT_STATUS_IS_OK(status = auth_ntlmssp_set_password(auth_ntlmssp_state, pass))) {
+ goto fail;
+ }
+
+ if (!NT_STATUS_IS_OK(status = auth_ntlmssp_client_start(auth_ntlmssp_state))) {
goto fail;
}
do {
- status = auth_ntlmssp_update(es->s.auth_ntlmssp_state, es->s.auth_ntlmssp_state,
- blob_in, &blob_out);
+ status = gensec_update(auth_ntlmssp_state->gensec_security, auth_ntlmssp_state,
+ NULL, blob_in, &blob_out);
data_blob_free(&blob_in);
data_blob_free(¶m_out);
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {
data_blob_free(&blob_in);
if (NT_STATUS_IS_OK(status)) {
+ es->enc_on = true;
/* Replace the old state, if any. */
- if (cli->trans_enc_state) {
- common_free_encryption_state(&cli->trans_enc_state);
- }
- cli->trans_enc_state = es;
- cli->trans_enc_state->enc_on = True;
+ /* We only need the gensec_security part from here.
+ * es is a malloc()ed pointer, so we cannot make
+ * gensec_security a talloc child */
+ es->s.gensec_security = talloc_move(NULL,
+ &auth_ntlmssp_state->gensec_security);
+ smb1cli_conn_set_encryption(cli->conn, es);
es = NULL;
}
fail:
-
+ TALLOC_FREE(auth_ntlmssp_state);
common_free_encryption_state(&es);
return status;
}
data_blob_free(&blob_recv);
if (NT_STATUS_IS_OK(status)) {
+ es->enc_on = true;
/* Replace the old state, if any. */
- if (cli->trans_enc_state) {
- common_free_encryption_state(&cli->trans_enc_state);
- }
- cli->trans_enc_state = es;
- cli->trans_enc_state->enc_on = True;
+ smb1cli_conn_set_encryption(cli->conn, es);
es = NULL;
}